MS11-028: Vulnerability in the .NET Framework could allow remote code execution: April 12, 2011

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Vista Service Pack 1 (SP1) ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 (SP2). For more information, refer to this Microsoft web page: Support is ending for some versions of Windows.
INTRODUCTION
Microsoft has released security bulletin MS11-028. To view the complete security bulletin, visit one of the following Microsoft websites:

How to obtain help and support for this security update

Help installing updates: Support for Microsoft Update

Security solutions for IT professionals: TechNet Security Troubleshooting and Support

Help protect your computer that is running Windows from viruses and malware:Virus Solution and Security Center

Local support according to your country: International Support

MORE INFORMATION

Known issues and additional information about this security update

The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.
  • 2446710 MS11-028: Description of the security update for the .NET Framework 3.5.1 on Windows 7 Service Pack 1 and on Windows Server 2008 R2 Service Pack 1: April 12, 2011
  • 2446708 MS11-028: Description of the security update for the .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: April 12, 2011
  • 2446709 MS11-028: Description of the security update for the .NET Framework 3.5.1 on Windows 7 and on Windows Server 2008 R2: April 12, 2011
    Known issues in security update 2446709:

    After you install security update 2446709 on a Windows Server 2008-based system that is running certain versions of Exchange Server or SQL Server, you may experience any of the following issues:
    • On a SQL server, you cannot launch Powershell or Event Viewer, and the SQL Reporting Service will not start.
    • On an Exchange server, you cannot start launch Powershell or Event Viewer.
    • The Exchange Mailbox Replication Service terminates unexpectedly.
    For more information about this problem, please click the following article number to view the article in the Microsoft Knowledge Base:
    2540222 Exchange Server, SQL Server, or PowerShell crashes after you install security update 2449742 or 2446709
  • 2449742 MS11-028: Description of the security update for the .NET Framework 3.5 Service Pack 1 and the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: April 12, 2011
    Known issues in security update 2449742:

    After you install security update 2449742 on a Windows Server 2008-based system that is running certain versions of Exchange Server or SQL Server, you may experience any of the following issues:
    • On a SQL server, you cannot launch Powershell or Event Viewer, and the SQL Reporting Service will not start.
    • On an Exchange server, you cannot start launch Powershell or Event Viewer.
    • The Exchange Mailbox Replication Service terminates unexpectedly.
    For more information about this problem, please click the following article number to view the article in the Microsoft Knowledge Base:
    2540222 Exchange Server, SQL Server, or PowerShell crashes after you install security update 2449742 or 2446709
  • 2449741 MS11-028: Description of the security update for the .NET Framework 3.5 Service Pack 1 and the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 1 and Windows Server 2008: April 12, 2011
  • 2446704 MS11-028: Description of the security update for the .NET Framework 3.5 Service Pack 1 and the .NET Framework 2.0 Service Pack 2 on Windows Server 2003 and Windows XP: April 12, 2011
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 2484015 - Last Review: 05/11/2012 21:26:00 - Revision: 4.0

Microsoft .NET Framework 3.5 Service Pack 1, Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Microsoft .NET Framework 4, Microsoft Windows XP Service Pack 3, Microsoft Windows Server 2003 Service Pack 2, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2, Windows 7 Enterprise, Windows 7 Home Basic, Windows 7 Home Premium, Windows 7 Professional, Windows 7 Starter, Windows 7 Ultimate, Windows Server 2008 R2 Datacenter, Windows Server 2008 R2 Enterprise, Windows Server 2008 R2 Foundation, Windows Server 2008 R2 Standard, Windows Server 2008 R2 for Itanium-Based Systems, Microsoft .NET Framework 2.0 Service Pack 2, Windows Vista Service Pack 1, Windows Server 2008 Datacenter, Windows Server 2008 Enterprise, Windows Server 2008 Standard, Windows Server 2008 for Itanium-Based Systems

  • atdownload kbbug kbexpertiseinter kbfix kbsecbulletin kbsecurity kbsecvulnerability KB2484015
Feedback